François Voron 9b7ec58800 #21: Add superuser routes (#30)
* Add CRU superuser routes

* Add delete method on DB adapters

* Add superuser delete route

* Add superuser routes documentation

* Pass black formatter
2019-10-29 13:32:44 +01:00


Routes

You'll find here the routes exposed by FastAPI Users. Note that you can also review them through the interactive API docs.

Unauthenticated

POST /register

Register a new user. Will call the on_after_register event handlers on successful registration.

!!! abstract "Payload"
    ```json
    {
        "email": "king.arthur@camelot.bt",
        "password": "guinevere"
    }
    ```

!!! success "201 Created"
    ```json
    {
        "id": "57cbb51a-ab71-4009-8802-3f54b4f2e23",
        "email": "king.arthur@camelot.bt",
        "is_active": true,
        "is_superuser": false
    }
    ```

!!! fail "422 Validation Error"

!!! fail "400 Bad Request"
    A user already exists with this email.

POST /login

Log in a user.

!!! abstract "Payload (application/x-www-form-urlencoded)"
    ```
    username=king.arthur@camelot.bt&password=guinevere
    ```

!!! success "200 OK"
    ```json
    {
        "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoiOTIyMWZmYzktNjQwZi00MzcyLTg2ZDMtY2U2NDJjYmE1NjAzIiwiYXVkIjoiZmFzdGFwaS11c2VyczphdXRoIiwiZXhwIjoxNTcxNTA0MTkzfQ.M10bjOe45I5Ncu_uXvOmVV8QxnL-nZfcH96U90JaocI"
    }
    ```

!!! fail "422 Validation Error"

!!! fail "400 Bad Request"
    Bad credentials or the user is inactive.

POST /forgot-password

Request a password reset procedure. Will generate a temporary token and call the on_after_forgot_password event handlers if the user exists.

To prevent malicious users from guessing existing users in your database, the route will always return a 202 Accepted response, even if the requested user does not exist.

!!! abstract "Payload"
    ```json
    {
        "email": "king.arthur@camelot.bt"
    }
    ```

!!! success "202 Accepted"
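
The response behaviour described for this route, modelled without the framework as an added example (not FastAPI Users' own code), next to a counter-example whose status code gives the account's existence away. The in-memory `USERS` store, the function names, the `mordred@camelot.bt` address and the random token are assumptions; the library's real token format is not reproduced.

```python
import secrets
from typing import Callable, Dict, Tuple

Response = Tuple[int, dict]
Handler = Callable[[dict, str], None]

# Constructed sample store (email -> user); stands in for the DB adapter.
USERS: Dict[str, dict] = {"king.arthur@camelot.bt": {"id": "user-1"}}


def forgot_password(email: str, users: Dict[str, dict], on_after: Handler) -> Response:
    """Documented behaviour: the handler fires only for existing users,
    but the caller sees 202 Accepted either way."""
    user = users.get(email)
    if user is not None:
        # Assumption: a random string stands in for the temporary token.
        on_after(user, secrets.token_urlsafe(32))
    return 202, {}


def leaky_forgot_password(email: str, users: Dict[str, dict], on_after: Handler) -> Response:
    """Counter-example: the status code tells the caller whether the account exists."""
    user = users.get(email)
    if user is None:
        return 404, {"detail": "User not found"}
    on_after(user, secrets.token_urlsafe(32))
    return 202, {}


def reveals_existence(route, users: Dict[str, dict], known: str, unknown: str) -> bool:
    """True when responses for a registered and an unregistered email differ."""
    ignore = lambda user, token: None
    return route(known, users, ignore) != route(unknown, users, ignore)


def run_demo():
    """Call the uniform route for both kinds of email and record handler calls."""
    calls = []
    record = lambda user, token: calls.append((user["id"], token))
    known = forgot_password("king.arthur@camelot.bt", USERS, record)
    unknown = forgot_password("mordred@camelot.bt", USERS, record)
    return known, unknown, calls


if __name__ == "__main__":
    print(run_demo())
    print(reveals_existence(forgot_password, USERS, "king.arthur@camelot.bt", "mordred@camelot.bt"))
```

Matching status codes and bodies do not cover response time: an on_after_forgot_password handler that sends e-mail inline makes the existing-user path measurably slower, so run such work in the background.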

POST /reset-password

Reset a password. Requires the token generated by the /forgot-password route.

!!! abstract "Payload"
    ```json
    {
        "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoiOTIyMWZmYzktNjQwZi00MzcyLTg2ZDMtY2U2NDJjYmE1NjAzIiwiYXVkIjoiZmFzdGFwaS11c2VyczphdXRoIiwiZXhwIjoxNTcxNTA0MTkzfQ.M10bjOe45I5Ncu_uXvOmVV8QxnL-nZfcH96U90JaocI",
        "password": "merlin"
    }
    ```

!!! success "200 OK"

!!! fail "422 Validation Error"

!!! fail "400 Bad Request"
    Bad or expired token.

Authenticated

GET /me

Return the current authenticated active user.

!!! success "200 OK"
    ```json
    {
        "id": "57cbb51a-ab71-4009-8802-3f54b4f2e23",
        "email": "king.arthur@camelot.bt",
        "is_active": true,
        "is_superuser": false
    }
    ```

!!! fail "401 Unauthorized"
    Missing token or inactive user.

PATCH /me

Update the current authenticated active user.

!!! abstract "Payload"
    ```json
    {
        "email": "king.arthur@tintagel.bt",
        "password": "merlin"
    }
    ```

!!! success "200 OK"
    ```json
    {
        "id": "57cbb51a-ab71-4009-8802-3f54b4f2e23",
        "email": "king.arthur@tintagel.bt",
        "is_active": true,
        "is_superuser": false
    }
    ```

!!! fail "401 Unauthorized"
    Missing token or inactive user.

Superuser

GET /

Return the list of registered users.

!!! success "200 OK"
    ```json
    [
        {
            "id": "57cbb51a-ab71-4009-8802-3f54b4f2e23",
            "email": "king.arthur@camelot.bt",
            "is_active": true,
            "is_superuser": false
        }
    ]
    ```

!!! fail "401 Unauthorized"
    Missing token or inactive user.

!!! fail "403 Forbidden"
    Not a superuser.

GET /{user_id}

Return the user with id user_id.

!!! success "200 OK"
    ```json
    {
        "id": "57cbb51a-ab71-4009-8802-3f54b4f2e23",
        "email": "king.arthur@camelot.bt",
        "is_active": true,
        "is_superuser": false
    }
    ```

!!! fail "401 Unauthorized"
    Missing token or inactive user.

!!! fail "403 Forbidden"
    Not a superuser.

!!! fail "404 Not found"
    The user does not exist.

PATCH /{user_id}

Update the user with id user_id.

!!! abstract "Payload"
    ```json
    {
        "email": "king.arthur@tintagel.bt",
        "password": "merlin",
        "is_active": false,
        "is_superuser": true
    }
    ```

!!! success "200 OK"
    ```json
    {
        "id": "57cbb51a-ab71-4009-8802-3f54b4f2e23",
        "email": "king.arthur@camelot.bt",
        "is_active": false,
        "is_superuser": true
    }
    ```

!!! fail "401 Unauthorized"
    Missing token or inactive user.

!!! fail "403 Forbidden"
    Not a superuser.

!!! fail "404 Not found"
    The user does not exist.

DELETE /{user_id}

Delete the user with id user_id.

!!! success "204 No content"

!!! fail "401 Unauthorized"
    Missing token or inactive user.

!!! fail "403 Forbidden"
    Not a superuser.

!!! fail "404 Not found"
    The user does not exist.